This is likely the validation record for an authorization created in the past that hasn't expired and is being reused. Once this authorization has expired future attempts to issue for the name will use the correct IP.
A ERR_SSL_VERSION_OR_CIPHER_MISMATCH error won't have been caused by the certificate and so changing anything related to your ACME client or the Let's Encrypt certificate will be the wrong approach.
https://crt.sh is one view into certificate transparency logs. I think operating on the assumption your domain name is secret is the wrong approach and it definitely makes it much harder to help you diagnose your server!